摘要
僵尸网络已经成为网络攻击者首选的攻击平台,用以发起分布式拒绝服务攻击、窃取敏感信息和发送垃圾邮件等,对公共互联网的正常运行和互联网用户的利益造成了严重的威胁。较大规模地发现和监测实际僵尸网络的活动行为并对其规律进行深入调查分析,是更为全面地监测僵尸网络和对其实施反制的必要前提。通过对所监测的1 961个实际僵尸网络的活动情况进行了深入调查和分析,从中给出了僵尸网络数量增长情况、控制服务器分布、僵尸网络规模、被控主机分布以及僵尸网络各种攻击行为的分析结果。
Botnets have become the first-choice attack platform for the network attackers to launch distributed denial of service attacks, steal sensitive information and send spam. They have raised serious threats to normal operation of the Intemet and the benefits of the Intemet users. The investigation on the wild botnets activities is the necessary for the further monitering and countermeasure against world-wide botnets. Based on the investigation and analysis on tracking records of I 961 wild botnets, it shows the statistical results of botnet activities, including amount of botnets, command and control channel distributions, botnet size and end-host distributions, and various types of botnet attack activities.
出处
《通信学报》
EI
CSCD
北大核心
2007年第12期167-172,共6页
Journal on Communications
基金
国家高技术研究发展计划("863"计划)基金资助项目(2006AA01Z445)
国家"242"信息安全计划基金资助项目(2007G23)~~